The short answer is that you can't do this.
Once a browser has been authenticated then it is authenticated until
the server sends an SC_UNAUTHORIZED response or the browser has been
closed and restarted.
The long answer is that you can do this, if you have your users
specifically log out.
To do this you need to associate users with sessions and do
authentication based on whether the session is valid or not.
If the session is valid (ie: the user has logged on correctly) then
you return the 200 response.
If the session is invalid, or non-existant then you can return
UNAUTHORIZED.
That should do it.
Nic Ferrier
Tapsell-Ferrier Ltd
www.tapsellferrier.co.uk
>>> Wallace Neikirk <[EMAIL PROTECTED]> 6/4/99 7:07:03 PM
>>>
Hi,
I understand "Basic Http Authenticaiton", e.g.,
String authHeader = req.getHeader ( "Authorization" );
if ( authHeader == null ) {
res.setHeader ( "WWW-Authenticate", "Basic
realm=\"Authentication\"" );
res.sendError ( HttpServletResponse.SC_UNAUTHORIZED );
}
But, what about "Basic Http Re-Authentication" ...
What if a user ( a student ) logs off your site,
then another student steps up to use the same browser.
How do I force the browser to forget the previous student.
I tried "setHeader("Authentication", null), that didn't work.
Can anyone share the proper technique???
Thanks.
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in
the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources:
http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
